0

i am try to compare the Stored-password and Salted Password for the Experiment. Now i have a Stored Password and Salted-password., Stored-password having 72-byte and Salted-password having 18-bytes only, but i facing problem on comparison, how can i compare the both of them.. Here my Code :

 RandomAccessFile raf = new RandomAccessFile(fileName, "r");
 final byte[] stored = new byte[(int) raf.length()]; 
 // in File : "9F3F4E45C0B58B410333D5CB45EB94B708285E80E77F85E1545B9CED25044EAF9158EADB";
 String saltedPw="2013527f8d155ecf0";

 byte[] saltedPassword=bc.getBytes();
 byte[] sha1 = MessageDigest.getInstance("SHA-1").digest(saltedPw);
 byte[] md5 = MessageDigest.getInstance("MD5").digest(saltedPw);
 byte[] hashed=(toHex(sha1)+toHex(md5)).getBytes();
 Arrays.equals(hashed, stored);    // its mismatching here

I compared both of them but its mismatching. what is the problem on that.. how can i get the Pin-number.. Anyone help me...

Thanks in Advance.. :)

Edited by peter_budo: Java general question, you may get faster reply here

2
Contributors
1
Reply
25
Views
3 Years
Discussion Span
Last Post by Ewald Horn
0

Ah, the whole idea of the stored password is to have random bits in there to confuse you. I don't think it's going to be easy to extract the PIN from the store, that would mean PIN's on devices would be completely useless.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.